
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
File: hesz_RfSMvvmsq22bLCv4N7pA7A.mft (raw, json)
Hash identifier: u+Amlp9zva0NYLKXU8VCM2qpg0S6LZOx+TJTDvy7ORg=
Subject key identifier: CC:A5:0C:9B:7D:6F:AB:92:07:95:B7:23:56:DA:52:41:58:10:9E:16
Authority key identifier: 85:EB:33:FD:17:D2:32:FB:E6:B2:AD:B6:6C:B0:AF:E0:DE:E9:03:B0
Certificate issuer: /CN=85eb33fd17d232fbe6b2adb66cb0afe0dee903b0
Certificate serial: 0198748755B5705B7D5F04E102C97310A9D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
Manifest number: 04A4
Signing time: Mon 04 Aug 2025 10:01:23 +0000
Manifest this update: Mon 04 Aug 2025 10:01:23 +0000
Manifest next update: Tue 05 Aug 2025 10:01:23 +0000
Files and hashes: 1: hesz_RfSMvvmsq22bLCv4N7pA7A.crl (hash: jmlBAIKu/Mro1kd8UWIvjW/1OiX2tVh4xIyRsgp4EpM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 10:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:87:55:b5:70:5b:7d:5f:04:e1:02:c9:73:10:a9:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85eb33fd17d232fbe6b2adb66cb0afe0dee903b0
Validity
Not Before: Aug 4 10:01:23 2025 GMT
Not After : Aug 5 10:01:23 2025 GMT
Subject: CN=cca50c9b7d6fab920795b72356da524158109e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:63:b7:c0:5a:09:48:08:c4:34:b0:6d:1a:8b:
77:7f:24:93:76:d7:85:96:94:ec:fa:18:14:a7:55:
1a:20:0b:c3:e2:7a:5b:23:ee:14:06:42:dd:b2:dd:
f4:e4:36:cc:45:8a:68:ce:d4:79:a3:3e:2f:08:82:
54:76:36:e0:98:8c:4b:30:a2:62:a3:30:4e:fa:59:
fc:88:2b:ec:0d:fc:53:96:71:8c:b0:c8:59:6c:83:
47:34:01:be:a3:4c:d6:ba:bb:8a:a1:fb:c9:32:c4:
30:e2:c3:94:f7:a4:4c:b8:c0:cc:d9:5f:71:17:56:
32:6d:ab:00:e9:e4:5d:b4:80:36:40:d8:21:be:43:
62:a1:6c:96:7a:e3:cc:5c:03:02:46:04:fe:7b:4d:
3e:9c:44:6a:ce:9e:37:f5:4a:9c:3b:37:bd:5b:49:
8b:61:26:d1:8d:e3:42:d0:e4:9f:94:e3:54:d0:35:
0c:9f:25:b5:8a:d3:61:d4:f9:d3:e5:b9:b8:4c:5b:
89:7f:04:f8:bf:cc:7a:69:d9:63:d3:43:fd:43:0f:
74:5d:36:88:e7:4a:cf:dd:73:13:84:fc:1a:82:9e:
a9:3c:4d:73:ec:a9:b3:d3:6a:52:da:c8:e8:e6:42:
80:6d:8a:b0:62:1b:81:e4:51:1c:99:b8:6e:fe:28:
41:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A5:0C:9B:7D:6F:AB:92:07:95:B7:23:56:DA:52:41:58:10:9E:16
X509v3 Authority Key Identifier:
keyid:85:EB:33:FD:17:D2:32:FB:E6:B2:AD:B6:6C:B0:AF:E0:DE:E9:03:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hesz_RfSMvvmsq22bLCv4N7pA7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/ce824f-73c9-485e-8edc-8a38ea2b1f54/1/hesz_RfSMvvmsq22bLCv4N7pA7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:80:7a:6f:f0:24:5c:28:00:36:16:e6:2c:eb:a1:1e:6c:68:
ed:41:a7:a9:1b:f9:93:f4:2c:5c:19:7b:3c:04:1f:06:df:6a:
03:88:5f:02:55:34:d1:a0:05:bc:03:88:6e:d5:d8:86:3f:94:
5e:8a:d8:27:4f:b4:12:ab:9e:41:a3:37:ea:0b:8f:f5:f9:36:
56:97:6d:51:46:c8:3b:25:d1:db:81:db:d2:e1:98:79:33:67:
57:79:1d:9f:91:88:0b:26:b4:7b:e3:db:9f:ce:ca:5e:29:fc:
f7:71:74:f8:30:78:51:55:f5:0e:14:b8:e7:f8:38:7e:01:2f:
48:69:fd:11:53:b8:51:ba:e5:83:1c:53:f2:bf:59:a4:0d:e5:
bf:59:7b:ac:c0:bf:7c:2a:49:5b:d8:80:e0:6b:97:57:92:3f:
e3:18:b2:63:7c:09:8a:75:07:79:2a:29:30:c2:a8:13:79:10:
ec:c6:28:c1:a6:a2:06:b5:f7:91:17:bf:e8:6d:83:99:e7:86:
96:4f:99:ae:48:1e:e6:6f:97:d2:c5:a3:88:5f:d6:78:80:ba:
13:93:03:29:a1:35:ac:e8:98:34:cc:82:21:f5:c3:96:3d:4e:
60:61:70:4e:47:c9:8e:db:9e:eb:6e:58:60:00:58:d3:3f:5a:
ad:77:96:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZh0h1W1cFt9XwThAslzEKnTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZWIzM2ZkMTdkMjMyZmJlNmIyYWRiNjZjYjBhZmUwZGVl
OTAzYjAwHhcNMjUwODA0MTAwMTIzWhcNMjUwODA1MTAwMTIzWjAzMTEwLwYDVQQD
EyhjY2E1MGM5YjdkNmZhYjkyMDc5NWI3MjM1NmRhNTI0MTU4MTA5ZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GO3wFoJSAjENLBtGot3fySTdteF
lpTs+hgUp1UaIAvD4npbI+4UBkLdst305DbMRYpoztR5oz4vCIJUdjbgmIxLMKJi
ozBO+ln8iCvsDfxTlnGMsMhZbINHNAG+o0zWuruKofvJMsQw4sOU96RMuMDM2V9x
F1YybasA6eRdtIA2QNghvkNioWyWeuPMXAMCRgT+e00+nERqzp439UqcOze9W0mL
YSbRjeNC0OSflONU0DUMnyW1itNh1PnT5bm4TFuJfwT4v8x6adlj00P9Qw90XTaI
50rP3XMThPwagp6pPE1z7Kmz02pS2sjo5kKAbYqwYhuB5FEcmbhu/ihBcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMylDJt9b6uSB5W3I1baUkFYEJ4WMB8GA1UdIwQY
MBaAFIXrM/0X0jL75rKttmywr+De6QOwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jZTgyNGYtNzNjOS00ODVlLThlZGMt
OGEzOGVhMmIxZjU0LzEvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9jZTgyNGYtNzNjOS00ODVlLThlZGMtOGEzOGVhMmIxZjU0
LzEvaGVzel9SZlNNdnZtc3EyMmJMQ3Y0TjdwQTdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAroB6b/Ak
XCgANhbmLOuhHmxo7UGnqRv5k/QsXBl7PAQfBt9qA4hfAlU00aAFvAOIbtXYhj+U
XorYJ0+0EqueQaM36guP9fk2VpdtUUbIOyXR24Hb0uGYeTNnV3kdn5GICya0e+Pb
n87KXin893F0+DB4UVX1DhS45/g4fgEvSGn9EVO4UbrlgxxT8r9ZpA3lv1l7rMC/
fCpJW9iA4GuXV5I/4xiyY3wJinUHeSopMMKoE3kQ7MYowaaiBrX3kRe/6G2DmeeG
lk+Zrkge5m+X0sWjiF/WeIC6E5MDKaE1rOiYNMyCIfXDlj1OYGFwTkfJjtue625Y
YABY0z9arXeWWA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 18:18:08 2025 by rpki-client